package com.control;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.io.PrintWriter;
import java.net.URL;
import java.net.URLConnection;
import java.net.URLEncoder;
import java.util.Date;
import java.util.Enumeration;
import java.util.Map;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

import com.alibaba.fastjson2.JSON;
import com.alibaba.fastjson2.JSONObject;
import com.dao.LoginDao;

import com.dao.SqlOfUser;

import com.servlet.M;

import com.servlet.My;

import hyl.base.safe.MySm4;
import hyl.core.AIni;
import hyl.core.MyDate;
import hyl.core.MyFun;
import hyl.core.fun.MyIS;
import hyl.core.info.Content;
import hyl.core.safe.VerifyCode;
import hyl.ext.base.C路由器;
import hyl.ext.base.MyToken;
import hyl.ext.base.Response;
import hyl.ext.base.TokenFactory;

/**
 * 
 * 
 * 用户控制器
 * 
 * @author: zoudyaou qq:37798955
 * @date: 2018年11月20日 上午11:26:00
 * @copyright: 2018 zoudayou Inc. All rights reserved.
 *             注意：代码版权归邹达有所有，任何人未经授权不得私自用于商业目的
 */
@Controller("tokenControl")
public class TokenControl {

	public TokenControl() {
	}

	@RequestMapping("/ex/redirectGet")
	public void redirectGet(HttpServletRequest request, HttpServletResponse response) throws IOException {

		String url = null;
		StringBuffer params = new StringBuffer();
		Enumeration<?> enu = request.getParameterNames();
		int total = 0;
		while (enu.hasMoreElements()) {
			String paramName = (String) enu.nextElement();
			if (paramName.equals("url")) {
				url = request.getParameter(paramName);
			} else {
				if (total > 0) {
					params.append("&");
				}
				params.append(paramName).append("=")
						.append(URLEncoder.encode(request.getParameter(paramName), "UTF-8"));
				++total;
			}
		}
		String para = params.toString();

//out.println(url);
		if (url != null) {
// 使用GET方式向目的服务器发送请求
			URL connect = new URL(url.toString());
			URLConnection connection = connect.openConnection();
			connection.setDoOutput(true);
			connection.setDoInput(true);
			connection.setRequestProperty("Content-type", "application/x-www-form-urlencoded");
			connection.connect();
			OutputStreamWriter os = new OutputStreamWriter(connection.getOutputStream(), "utf-8");

			os.write("requestName=getIntervention&uid=UID_GATEWAY&startDate=1292223600&endDate=1408330000");
			os.write(para);
			os.flush();
			os.close();

			BufferedReader reader = new BufferedReader(new InputStreamReader(connection.getInputStream()));
			String line;
			PrintWriter out = response.getWriter();
			while ((line = reader.readLine()) != null) {
				out.println(line);
			}
			reader.close();
		}
	}

	// 注册短信
	@RequestMapping("/l/getRegSms")
	@ResponseBody // 发送短消息验证码
	public Map<String, Object> reg_getsmscode(HttpServletRequest req, HttpServletResponse res,
			@RequestParam Map<String, String> R) throws ServletException, IOException {
		MyToken tk = My.getToken(req);
		String phone = R.get("phone");
		// 为空检查
		if (MyFun.isEmpty(phone)) {
			tk.msg.setCode(0, AIni.g消息("不能为空", tk.getLang()));
			return tk.msg.get();
		}
		// 判断号码是否注册过
		if (SqlOfUser.isEffTel(phone) == 1) {
			tk.msg.setCode(0, "该号码已经注册过了");
			return tk.msg.get();
		} else {
			// tk.mcode = SmsService.sendSms(phone);
			tk.msg.setCode(1, "短信验证码已经发送到" + phone);
			return tk.msg.get();
		}
	}

	// 适用于 登录短信,密码重置短信
	@RequestMapping("/l/getForgotSms")
	@ResponseBody // 发送短消息验证码
	public Map<String, Object> login_getsmscode(HttpServletRequest req, HttpServletResponse res,
			@RequestParam Map<String, String> R) throws ServletException, IOException {
		MyToken tk = My.getToken(req);
		String phone = R.get("phone");
		// 为空检查
		if (MyFun.isEmpty(phone)) {
			tk.msg.setCode(0, AIni.g消息("不能为空", tk.getLang()));
			return tk.msg.get();
		}
		// 判断号码是否注册过
		if (SqlOfUser.isEffTel(phone) != 1) {
			tk.msg.setCode(0, "该号码未注册过");
			return tk.msg.get();
		} else {
			// tk.mcode = SmsService.sendSms(phone);
			tk.msg.setCode(1, "短信验证码已经发送到" + phone);
			return tk.msg.get();
		}
	}

	// 生成邮件验证码

	@RequestMapping(value = "/l/resetpass_mail_dao", produces = "text/html;charset=UTF-8")
	// @ResponseBody 位置比较随意可以修饰方法 也可以修饰返回值
	public @ResponseBody String f发送忘记密码邮件验证码(HttpServletRequest req, HttpServletResponse res,
			@RequestParam Map<String, String> R) throws ServletException, IOException {
		MyToken tk = My.getToken(req);
		String mm = R.get("mm");// 电话
		String s = MySm4.ecb解密16(My.bsm4key, mm);
		if (MyFun.isEmpty(s)) {
			// tk.msg.setCode(0, "请求参数异常!");

			return "<h2>请求参数异常!<h2>";
		}
		String[] ss = s.split(",");
		if (ss.length != 3) {
			return "<h2>请求参数异常!<h2>";
		}
		String 邮箱 = ss[0];
		String 随机码 = ss[1];
		String 密码 = ss[2];

		if (tk.mcode == null || (!随机码.equals(tk.mcode))) {
			return "<h2>请求参数异常!<h2>";
		}
		tk.mcode = null;
		Date dt = new Date(MyFun.str2long(随机码));
		Date dt2 = MyDate.addMinutes(dt, 30);
		if (dt2.after(new Date())) {
			SqlOfUser.resetPass_mail(邮箱, 密码);
			String str = MyFun.join("<h2>密码重置成功,请从新</h2> \n  <br><a href=\'", Response.getBasePath(req),
					C路由器.g路由("登录", req), "\'>登录!</a>");
			return str;
		} else {
			return "<h2>链接已经过期,请重新操作.</h2>";
		}
	}

	@RequestMapping("/l/resetpass_mail")
	@ResponseBody
	public Content f用邮箱重置密码(HttpServletRequest req, HttpServletResponse res, @RequestBody Map<String, String> R)
			throws ServletException, IOException {
		MyToken tk = My.getToken(req);
		String s = R.get("mm");// 电话
		if (MyFun.isEmpty(s)) {
			tk.msg.setCode(0, "请求异常!");
			return tk.msg;
		}
		s = MySm4.ecb解密16(tk.getSm4key(), s);
		String[] ss = s.split(",");
		if (ss.length != 2) {
			tk.msg.setCode(0, "请求异常!");
			return tk.msg;
		}
		String 邮箱 = ss[0];
		String 密码 = ss[1];
		if (MyFun.isEmpty(邮箱)) {
			tk.msg.setCode(0, "邮箱不能为空!");
			return tk.msg;
		}
		if (!MyIS.is有效邮箱(邮箱)) {
			tk.msg.setCode(0, "邮箱格式不正确!");
			return tk.msg;
		}
		Object obj = SqlOfUser.is注册邮箱(邮箱);
		if (obj == null) { // 如果没有注册过,发送mail验证码
			tk.msg.setCode(0, 邮箱 + "邮箱未注册");
			return tk.msg;
		}
		if (MyFun.isEmpty(密码)) {
			tk.msg.setCode(0, "密码不能为空!");
			return tk.msg;
		}
		if (!MyIS.is有效密码(密码)) {
			tk.msg.setCode(0, "密码格式不正确");
			return tk.msg;
		}

		String 随机码 = MyFun.getMsString();
		tk.setMcode(随机码);
		String str = MySm4.ecb加密16(My.bsm4key, MyFun.join(邮箱, ",", 随机码, ",", 密码));
		try {
			String url = MyFun.join("密码重置链接,点击后重置密码\n", Response.getBasePath(req), "l/resetpass_mail_dao?mm=", str, "&",
					TokenFactory.SessionKey, "=", tk.token);
			My.sendMail(邮箱, My.get系统名称() + "验证码确认邮件", url);
			tk.msg.setCode(1, "密码重置邮件已经发送到用户邮箱等待用户激活");
		} catch (Exception e) {
			tk.msg.setCode(0, "密码重置异常");
		}
		return tk.msg;
	}

	// 生成qq消息验证码

	// 电话号码校验
	@RequestMapping("/ex/telIsExist")
	@ResponseBody
	public String reg_teliseff(HttpServletRequest req, HttpServletResponse res, @RequestParam Map<String, String> R)
			throws ServletException, IOException {
		// Session tk = My.getToken(req);
		String phone = R.get("phone");
		return String.valueOf(SqlOfUser.isEffTel(phone)); // 1:已经注册，0：未注册可以使用
	}

	// 会员是否存在
	@RequestMapping("/ex/idIsExist")
	@ResponseBody
	public String reg_idiseff(HttpServletRequest req, HttpServletResponse res, @RequestParam Map<String, String> R)
			throws ServletException, IOException {
		// Session tk = My.getToken(req);
		String uid = R.get("uid");
		return String.valueOf(SqlOfUser.isEffUid(uid)); // 1:已经注册，0：未注册可以使用
	}

	// 修复该token ,如果token 不存在就不修复
	@RequestMapping("/ex/start")
	public void start(HttpServletRequest req, HttpServletResponse res, @RequestParam Map<String, String> R)
			throws ServletException, IOException {
		TokenFactory.getInstance();
		MyToken tk = TokenFactory.getToken(req);
		if (tk == null)
			return;
		tk.start();
	}

	/**
	 * 客户端连接以后给他公钥
	 * 
	 * @param req
	 * @param res
	 * @param R
	 * @return
	 * @throws ServletException
	 * @throws IOException
	 */
	@RequestMapping("/l/publickey")
	@ResponseBody
	public Content publickey(HttpServletRequest req, HttpServletResponse res, @RequestParam Map<String, String> R)
			throws ServletException, IOException {
		TokenFactory.getInstance();
		Content ct = new Content();	
		ct.setMsg(TokenFactory.s公钥);
		MyFun.print(ct);
		return ct;

	}

	// @PostMapping("/l/sm4key")
	@RequestMapping("/l/sm4key")
	@ResponseBody
	public Content sm4key(HttpServletRequest req, HttpServletResponse res, @RequestBody Map<String, String> R)
			throws ServletException, IOException {// json请求的写法
		TokenFactory.getInstance();
		MyToken tk = My.getToken(req);
		String sm4key = R.get("key");
		// MyFun.print("begin",sm4key,req.getParameter("key"),"end");
		String key = TokenFactory.getSm2().do私钥解密16(sm4key);
		tk.setSm4密钥(key);

		// MyFun.print("sm4",key);
		tk.msg.setCode(1, "sm4密钥已送达");
		return tk.msg;

	}

	// 登录 一进来就默认 计数器+1,如果正确就重置状态 start,或强制性阻拦 stop
	@RequestMapping("/l/login")
	@ResponseBody
	public Content login(HttpServletRequest req, HttpServletResponse res, @RequestBody Map<String, String> R)
			throws ServletException, IOException {
		MyToken tk = My.getToken(req);
		String 用户名_密码 = R.get("mm");
		// MyFun.print("sm4k1",MyByte.bytesToHex(tk.getSm4key()));
		// MyFun.print(用户名_密码);
		String str = MySm4.ecb解密16(tk.getSm4key(), 用户名_密码);
		if (MyFun.isEmpty(str)) {
			tk.msg.setCode(0, AIni.g消息("异常登录", tk.getLang()));
			return tk.msg;
		}
		// MyFun.print("用户名_密码",str);
		String[] mm = str.split(",");

		String name = mm[0];
		String pass = mm[1];
		if (MyFun.isEmpty(name) || MyFun.isEmpty(pass)) {
			tk.msg.setCode(M.CODE_异常, AIni.g消息("登录名或密码错误", tk.getLang()));
			return tk.msg;
		}
		Map<String, Object> user = SqlOfUser.login(name, name, pass);
		if (user.isEmpty()) {// 用户名密码错误
			tk.msg.setCode(M.CODE_异常, AIni.g消息("登录名或密码错误", tk.getLang()));
			return tk.msg;
		} else {// 验证通过，完善token
			setLoginSession(tk, user);
			tk.msg.setCode(M.CODE_已登录, AIni.g消息("登录成功", tk.getLang()));
			tk.start();
			return tk.msg;
		}

	}

	public void setLoginSession(MyToken tk, Map<String, Object> user) {
		tk.setUserId((Integer) user.get("id"));
		tk.setPhone((String) user.get("uphone"));
		tk.setUname((String) user.get("uname"));
		tk.setTjrid((Integer) user.get("tjrid"));
		tk.setRoleid((Integer) user.get("roleid"));
		tk.set别名((String) user.get("ualias"));
		tk.setState(0, '1');
		tk.setIstate(MyFun.obj2Int(user.get("istate")));
		String headimg = (String) user.get("headimg");
		if (MyFun.isEmpty(headimg))
			headimg = "assets/images/avatars/avatar2.png";
		tk.set头像(headimg);
		tk.msg.setCode(1, AIni.g消息("登录成功", tk.getLang()));
		LoginDao.log_nomal(tk, LoginDao.LogerLogin);

	}

	@RequestMapping("/l/reg_mcode")
	@ResponseBody
	public Content f发送注册验证码(HttpServletRequest req, HttpServletResponse res, @RequestBody Map<String, String> R)
			throws ServletException, IOException {
		MyToken tk = My.getToken(req);
		if (tk.is登录()) {
			tk.msg.setCode(0, AIni.g消息("用户已登录", tk.getLang()));
			return tk.msg;
		}
		String 手机 = R.get("tel");// 电话
		String 邮箱 = R.get("mail");// 电话
		// 检测该邮箱是否已经注册过,
		Object obj = SqlOfUser.is注册(手机, 邮箱);
		if (obj == null) { // 如果没有注册过,发送mail验证码
			String 验证码 = VerifyCode.generateVerifyCode(6);
			tk.setMail(邮箱);
			tk.setMcode(验证码);
			if (!MyFun.isEmpty(邮箱)) {
				String st = MyFun.join("邮箱:", 邮箱, ";验证码:" + 验证码);
				My.sendMail(邮箱, My.get系统名称() + "验证码确认邮件", st);
				tk.msg.setCode(1, "验证码已经通过邮件发送,请及时查看");
				return tk.msg;
			} else if (!MyFun.isEmpty(手机)) {
				My.sendSMS(手机, "注册验证码:" + 验证码);// 改为短信模板
				tk.msg.setCode(1, "验证码已经通过手机发送,请及时查看");
				return tk.msg;
			}
			tk.msg.setCode(0, "邮箱和手机不能都为空!");
			return tk.msg;
		} else { // 如果注册过,反馈注册
			tk.msg.setCode(0, AIni.g消息("用户已注册", tk.getLang()));
			return tk.msg;
		}
	}

	@RequestMapping("/l/regMember")
	@ResponseBody
	public Content regMember(HttpServletRequest req, HttpServletResponse res, @RequestBody Map<String, String> R)
			throws ServletException, IOException {
		return freg(req, res, R);

	}

	public Content freg(HttpServletRequest req, HttpServletResponse res, Map<String, String> R)
			throws ServletException, IOException {
		MyToken tk = My.getToken(req);
		String 用户信息 = R.get("mm");
		// MyFun.print("sm4k1",MyByte.bytesToHex(tk.getSm4key()));
		// MyFun.print(用户名_密码);
		String str = MySm4.ecb解密16(tk.getSm4key(), 用户信息);
		if (MyFun.isEmpty(str)) {
			tk.msg.setCode(0, AIni.g消息("异常登录", tk.getLang()));
			return tk.msg;
		}
		// MyFun.print("用户名_密码",str);
		JSONObject jobj = JSON.parseObject(str);

		String 密码 = jobj.getString("upwd");
		String 手机 = jobj.getString("uname");
		String 邮箱 = jobj.getString("umail");
		String 验证码 = jobj.getString("mcode");
		String 推荐人 = jobj.getString("utjr"); // 推荐人

		// 判断是否已经发送过短信或者发送手机号码是否为空
		if (MyFun.isEmpty(验证码) || MyFun.isEmpty(密码) || MyFun.isEmpty(手机) || MyFun.isEmpty(邮箱)) {
			tk.msg.setCode(0, AIni.g消息("表单必填项为空", tk.getLang()));
			return tk.msg;
		}
		// 判断发送短信的手机和验证码是否一致
		// 不能用验证码注册其他邮箱或手机
		if (验证码.equals(tk.getMcode()) && (手机.equals(tk.getPhone()) || 邮箱.equals(tk.getMail()))) {// 注册账号匹配,且验证码正确
			// Date end_date = MyFun.addDays(15);// 试用期15天,审核后延长
			int r = SqlOfUser.reg(推荐人, 手机, 手机, 密码, 邮箱, tk.getIp());
			if (r == 1)// 注册成功
			{
				tk.msg.setCode(1, AIni.g消息("注册成功", tk.getLang()));
				LoginDao.log_nomal(tk, LoginDao.LogerReg);
				tk.setMcode(null);

			} else {
				// 基本不会出现这种情况，除非数据库表发生变动
				tk.msg.setCode(0, AIni.g消息("注册失败", tk.getLang()));
				tk.setMcode(null);
				tk.setPhone(null);
				tk.setMail(null);
			}
			// 删除短信记录
		} else {
			tk.setMcode(null);
			tk.setPhone(null);
			tk.setMail(null);
			tk.msg.setCode(0, AIni.g消息("验证码错误", tk.getLang()));
		}
		return tk.msg;
	}

	// 后台注册用户
	@RequestMapping("/ex/adminreg")
	@ResponseBody
	public Map<String, Object> admin后台注册(HttpServletRequest req, HttpServletResponse res)
			throws ServletException, IOException {
		MyToken tk = My.getToken(req);

		if (MyFun.isEmpty(req.getParameter("phone"))) {
			tk.msg.setCode(0, "手机号" + AIni.g消息("不能为空", tk.getLang()));
			return tk.msg.get();
		}
		if (MyFun.isEmpty(req.getParameter("pid"))) {
			tk.msg.setCode(0, "接点人" + AIni.g消息("不能为空", tk.getLang()));
			return tk.msg.get();
		}
		if (MyFun.isEmpty(req.getParameter("tjr"))) {
			tk.msg.setCode(0, "推荐人" + AIni.g消息("不能为空", tk.getLang()));
			return tk.msg.get();
		}
		if (MyFun.isEmpty(req.getParameter("name"))) {
			tk.msg.setCode(0, "昵称" + AIni.g消息("不能为空", tk.getLang()));
			return tk.msg.get();
		}
//			String 姓名 = req.getParameter("name");
		//
//			MyToken ss = My.getToken(req);
		//
//			String 登录名 = req.getParameter("uname"); // 姓名 登录名
//			String 手机 = req.getParameter("phone");// 电话
//			int pid = MyFun.str2int(req.getParameter("pid"));// 上级节点
//			String 推荐人 = req.getParameter("tjr");
//			String 登录密码 = req.getParameter("password");// 登录密码
//			String 交易密码 = req.getParameter("passopen");// 交易密码
//			String 身份证号码 = req.getParameter("code");// 身份证
//			String 开户行 = req.getParameter("bank");// 开户行
//			String 开户地址 = req.getParameter("bankaddress");// 开户地址
//			String 卡号 = req.getParameter("bankcard");// 卡号
//			String ip = "";
//			int 角色 = 3;// sx

		tk.msg.setCode(1, AIni.g消息("注册成功", tk.getLang()));
		LoginDao.log_nomal(tk, LoginDao.LogerReg);

		// 删除短信记录
		tk.mcode = null;

		return tk.msg.get();
	}

	// 忘记密码
	@RequestMapping("/l/forgot")
	@ResponseBody
	public Map<String, Object> getforgotPass(HttpServletRequest req, HttpServletResponse res,
			@RequestParam Map<String, String> R) {
		MyToken tk = My.getToken(req);
		String phone = R.get("phone");
		String pass = R.get("pass");
		String smscode = R.get("mcode");
		if (MyFun.isEmpty(phone) || MyFun.isEmpty(pass)) {
			tk.msg.setCode(0, AIni.g消息("不能为空", tk.getLang()));
			return tk.msg.get();
		}
		if (MyFun.isEmpty(tk.mcode)) {
			tk.msg.setCode(0, AIni.g消息("请求短信验证码", tk.getLang()));
			return tk.msg.get();
		}
		if (!smscode.toLowerCase().equals(tk.mcode.toLowerCase())) {
			tk.msg.setCode(0, AIni.g消息("验证码错误", tk.getLang()));
			return tk.msg.get();
		}
		try {
			SqlOfUser.resetPass(phone, pass);
			tk.msg.setCode(1, "密码已经重置");
		} catch (Exception e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
		return tk.msg.get();

	}

	// 不经过拦截器,检查是否可以ping通
	@RequestMapping("/ex/ping")
	@ResponseBody
	public Integer ping(HttpServletRequest request, HttpServletResponse response) {
		return 1;
	}

	// 注销
	@RequestMapping("/ex/quit")
	public String quit(HttpServletRequest req, HttpServletResponse res, @RequestParam Map<String, String> R) {
		MyToken tk = My.getToken(req);
		tk.quit();
		TokenFactory.delToken(tk);
		Response.clearCookie(req, res);
		return "redirect:/" + C路由器.g路由("登录", req); // 相对于jsp
	}

	// 查看用户列表
	@RequestMapping("/u/getUserList")
	@ResponseBody
	public Map<String, Object> getUserList(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		String userid = request.getParameter("userid");
		String start = request.getParameter("start");
		String end = request.getParameter("end");
		String status = request.getParameter("status");
		String orderby = request.getParameter("orderby");
		Integer index = MyFun.str2intOrNull(request.getParameter("rs_index"));
		Integer size = MyFun.str2intOrNull(request.getParameter("rs_size"));
		Map<String, Object> list = SqlOfUser.getUserList(orderby, userid, start, end, status, index, size);
		Content ct = new Content();
		ct.setCode(1, "用户列表");
		ct.iniBodys(list);
		return ct.get();
	}

	// 短信重置密码
	@RequestMapping("/u/resetPass")
	@ResponseBody
	public Map<String, Object> getResetPass(HttpServletRequest req, HttpServletResponse res,
			@RequestParam Map<String, String> R) {
		MyToken tk = My.getToken(req);
		String phone = R.get("phone");
		String pass = R.get("pass");
		if (MyFun.isEmpty(phone) || MyFun.isEmpty(pass)) {
			tk.msg.setCode(0, AIni.g消息("不能为空", tk.getLang()));
			return tk.msg.get();
		}
		try {
			SqlOfUser.resetPass(phone, pass);
			tk.msg.setCode(1, "密码已经重置");
		} catch (Exception e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
		return tk.msg.get();

	}

	// hzp 获取管理员角色的权限
	@RequestMapping("/s/data/quanxian")
	@ResponseBody
	public Map<?, ?> getData_权限() {
		return SqlOfUser.get菜单权限();
	}

	// hzp 获得当天的会员
	@RequestMapping("/s/data/day")
	@ResponseBody
	public Map<String, Object> getData_当天(HttpServletRequest request) {
		// Map<String, Object> R = new HashMap<String, Object>();
		int index = MyFun.str2int(request.getParameter("rs_index"));
		int size = MyFun.str2int(request.getParameter("rs_size"));
		String uname = request.getParameter("uname").trim();
		String ualias = request.getParameter("ualias").trim();
		return SqlOfUser.get当日会员列表(My.getToken(request).getRoleid(), My.getToken(request).getUserId(), index, size,
				uname, ualias);
	}

	// hzp 会员管理
	//
	// 03.13
	@RequestMapping("/s/data/member")
	@ResponseBody
	public Map<String, Object> getData_会员管理(HttpServletRequest request) {
		int index = MyFun.str2int(request.getParameter("rs_index"));
		int size = MyFun.str2int(request.getParameter("rs_size"));
		String uname = request.getParameter("uname").trim();
		String ualias = request.getParameter("ualias").trim();
		String start = request.getParameter("start");
		String end = request.getParameter("end");
		String uid = request.getParameter("uid");
		int zt = MyFun.str2int(request.getParameter("zt"));
		String 状态 = "";
		if (zt == 2)
			状态 = "";
		if (zt == 1)
			状态 = "1";
		if (zt == 0)
			状态 = "0";
		return SqlOfUser.get所有会员列表(My.getToken(request).getRoleid(), My.getToken(request).getUserId(), index, size, uid,
				uname, ualias, start, end, 状态);
	}

	// hzp 会员资料
	@RequestMapping("/s/data/member_detail")
	@ResponseBody
	public Map<String, Object> getData_会员资料(HttpServletRequest request) {

		int index = MyFun.str2int(request.getParameter("rs_index"));
		int size = MyFun.str2int(request.getParameter("rs_size"));
		String uname = request.getParameter("uname").trim();
		String ualias = request.getParameter("ualias").trim();
		String start = request.getParameter("start");
		String end = request.getParameter("end");
		return SqlOfUser.get会员资料列表(My.getToken(request).getRoleid(), My.getToken(request).getUserId(), index, size,
				uname, ualias, start, end);
	}

	// 03.13 sx
	@RequestMapping("/s/data/member_wallet")
	@ResponseBody
	public Map<?, ?> getData_会员钱包(HttpServletRequest request) {
		int index = MyFun.str2int(request.getParameter("rs_index"));
		int size = MyFun.str2int(request.getParameter("rs_size"));
		String uname = request.getParameter("uname").trim();
		String ualias = request.getParameter("ualias").trim();
		String start = request.getParameter("start");
		String end = request.getParameter("end");
		String uid = request.getParameter("uid");
		return SqlOfUser.get会员账户列表(My.getToken(request).getRoleid(), My.getToken(request).getUserId(), index, size,
				uname, ualias, uid, start, end);
	}

	@RequestMapping("/s/data/changeqx")
	@ResponseBody
	public String getData_修改会员权限(HttpServletRequest request) {

//		int uid = MyFun.str2int(request.getParameter("uid").trim());
//		int role = MyFun.str2int(request.getParameter("role").trim());
//		MyDB db = My.getCommitDB1();
//
//		User 会员 = null;

		// db.commit();
		return "";
	}

	// hzp 修改用户的开关
	@RequestMapping("/s/data/close")
	@ResponseBody
	public String getData_修改会员开关(HttpServletRequest request) {
		String uid = request.getParameter("uid").trim();
		String state = request.getParameter("state");
		return SqlOfUser.close(MyFun.str2int(uid), state);
	}

	// hzp 修改登录用户的密码
	@RequestMapping("/s/data/password")
	@ResponseBody
	public String getData_修改登录密码(HttpServletRequest request) {
		MyToken ss = My.getToken(request);
		String password = request.getParameter("password").trim();
		String newpassword1 = request.getParameter("newpassword1").trim();
		String newpassword2 = request.getParameter("newpassword2").trim();
		return SqlOfUser.change密码(password, newpassword1, newpassword2, ss.getUname());
	}

	// hzp 用户审核
	//
	@RequestMapping("/ex/data/examine")
	@ResponseBody
	public Map<String, Object> do审核会员(HttpServletRequest request) {
		// int uid = MyFun.str2int(request.getParameter("uid"));
		// SqlOfUser.approvaltree(id);
		Content ct = new Content();
		ct.setCode(1, "审核成功");
		return ct.get();
	}

}
